.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.117 2009/02/12 03:46:17 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.126 2010/01/09 23:04:13 dtucker Exp $
.Dd $Mdocdate$
.Dt SSH_CONFIG 5
.Os
(remote user name) or
.Ql %u
(local user name).
+.Pp
+The command is run synchronously and does not have access to the
+session of the
+.Xr ssh 1
+that spawned it.
+It should not be used for interactive commands.
+.Pp
This directive is ignored unless
.Cm PermitLocalCommand
has been enabled.
and
.Sq 2 .
Multiple versions must be comma-separated.
-The default is
-.Dq 2,1 .
-This means that ssh
-tries version 2 and falls back to version 1
+When this option is set to
+.Dq 2,1
+.Nm ssh
+will try version 2 and fall back to version 1
if version 2 is not available.
+The default is
+.Sq 2 .
.It Cm ProxyCommand
Specifies the command to use to connect to the server.
The command
forwardings can be given on the command line.
Privileged ports can be forwarded only when
logging in as root on the remote machine.
-.Pp
+.Pp
If the
.Ar port
argument is
program.
The default is
.Pa /usr/X11R6/bin/xauth .
-.It Cm ZeroKnowledgePasswordAuthentication
-Specifies whether to use zero knowledge password authentication.
-This authentication method avoids exposure of password to untrusted
-hosts.
-The argument to this keyword must be
-.Dq yes
-or
-.Dq no .
-The default is currently
-.Dq no
-as this method is considered experimental.
.El
.Sh PATTERNS
A